Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal: the external_data field of the tensor proto can contain a path to a file outside the model's current directory or the user-provided directory. The vulnerability is a bypass of the patch added for CVE-2022-25882.
[
{
"digest": {
"function_hash": "279619965437319505598947798855971345192",
"length": 402.0
},
"source": "https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20",
"id": "CVE-2024-27318-0e34bd6f",
"signature_version": "v1",
"target": {
"file": "onnx/common/path.h",
"function": "utf8str_to_wstring"
},
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"104332037762270981435757562132327599062",
"289229950002979969790260531145507780362",
"235710238458363501160428489483432355262",
"246649006856259654861544403187248320216",
"89655112587566471677518766755142304267",
"27239894576351024163082160341011339904",
"230520410388084876710225632346370745078",
"213201732718700328232334630084512327267",
"199705114692086694747054418381209675772",
"66500932051990266901623911718657403723",
"39654343884552627927956043565242979222",
"201695667325899941457854645890663865231",
"110541219682966978691991225579477683026",
"51505807963359043486804472974565853258",
"240793468604267336076420736384845870829",
"7972147717643736253831403084125059114",
"31936116690110051065765316211968155895",
"223562932066134009542698909547755042615",
"231233032827250454131399580230198275144",
"151751336932430325045957862324626112823",
"97646370272031617055752027465710805655",
"333860663048746007699396373252128514496",
"316965716797159704309359764583355191994",
"127611080966658938118954731848255844334",
"10956387921208990924424734410052396420",
"255578257237703490390196987510470754145",
"14303694476745820714530017560520199001",
"94708870948924996500359369778759969194",
"137237736377969277829810156162721859758",
"52730757671234060243302140166847358466",
"34304570268340625279330634462880470927",
"103953047765694468221099531956158350153",
"631728490844132069727675233938394926",
"312111558179216668409188887243663881488",
"198435346555265319822522584760807101489",
"274263411207186989901105400150169336708",
"42935917157943482155445385556497235230",
"248867299062796773770173639510204880785",
"74824237473006242208324030187506266854",
"99958998079443416671974424941605185346",
"124688591024279549037421979965670172240",
"39654343884552627927956043565242979222",
"201695667325899941457854645890663865231",
"110541219682966978691991225579477683026",
"272269654716300411396408466456793889410",
"128760545056484813397325281803697049042",
"332183875007431216459300703523997440879",
"306571677050543809304216616204242731364",
"206378185338668227667685999825590241770",
"231233032827250454131399580230198275144",
"151751336932430325045957862324626112823",
"97646370272031617055752027465710805655",
"333860663048746007699396373252128514496",
"316965716797159704309359764583355191994",
"127611080966658938118954731848255844334",
"202024155122339839364693671759821862479",
"153878707109447658342833126944749968315",
"80912747145387905646592955756273671853",
"221667204741081772500964435205269726187",
"58695088025670081760283381159199791651",
"209501383238575632364083256517443973518",
"291371315624354478652889755005038321282",
"271596622378771173934456807490097286538",
"110663791574147327218892082700821262140",
"162825841806411871925585653698156522105",
"309805404178789295157209824794112189358",
"34304570268340625279330634462880470927",
"258005963401096900848020152711583255364",
"234924864726827392481951693627886150518",
"112153765193335070721742738860480859742",
"165082921901551961856450720023140540159",
"320840524451766573060288933964244744532",
"255927466363045277032670943649333879279",
"265509428884915991499735560798017590556",
"34304570268340625279330634462880470927",
"258005963401096900848020152711583255364",
"6562373507494491780604099969509185151",
"124502633350577458428380665343588238224",
"168825813275213747862537094267462295030",
"172547197573833809247029799385803180032",
"194231714249816697885080011234107511497",
"123074759988673625586437316398823472373",
"188562544525243291260664722352569022641",
"221925025439894443212256503649777084161",
"324764863192043696511029276723214812808"
]
},
"source": "https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20",
"id": "CVE-2024-27318-14bb45d9",
"signature_version": "v1",
"target": {
"file": "onnx/checker.cc"
},
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "28756268382866020308799986267704226882",
"length": 5422.0
},
"source": "https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20",
"id": "CVE-2024-27318-32bdd449",
"signature_version": "v1",
"target": {
"file": "onnx/checker.cc",
"function": "check_tensor"
},
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"127235201640194221748173879886145904451",
"54165068923478039693020928009049136797",
"178722793956276867127036141790972283850",
"259458540478357124636245718390242305862",
"31682249578723060881038963469197527654",
"205213531946190281180873952073997591293",
"136199331191120300942474527397075146534",
"254734016587688089686215887211494598728"
]
},
"source": "https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20",
"id": "CVE-2024-27318-39e78dda",
"signature_version": "v1",
"target": {
"file": "onnx/common/path.h"
},
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"184743515865274812113834164525874135653",
"101189037897862780688846728834613355608",
"265880493409156323681436033432431323441"
]
},
"source": "https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20",
"id": "CVE-2024-27318-50657c1b",
"signature_version": "v1",
"target": {
"file": "onnx/checker.h"
},
"deprecated": false,
"signature_type": "Line"
},
{
"digest": {
"function_hash": "176551484445370247967565519395569753396",
"length": 19272.0
},
"source": "https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20",
"id": "CVE-2024-27318-52123b68",
"signature_version": "v1",
"target": {
"file": "onnx/cpp2py_export.cc",
"function": "PYBIND11_MODULE"
},
"deprecated": false,
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"96408287160862078037987992404017714430",
"129578978491066932049875799683736809610",
"111499689284304609245521746451384862835"
]
},
"source": "https://github.com/onnx/onnx/commit/66b7fb630903fdcf3e83b6b6d56d82e904264a20",
"id": "CVE-2024-27318-57eab50b",
"signature_version": "v1",
"target": {
"file": "onnx/cpp2py_export.cc"
},
"deprecated": false,
"signature_type": "Line"
}
]